-
Notifications
You must be signed in to change notification settings - Fork 12.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
#[thread_local] static mut
is allowed to have 'static
lifetime
#54366
Comments
…borrow-test, r=pnkfelix Add regression test for thread local static mut borrows FIXME(rust-lang#54366) - We probably shouldn't allow `#[thread_local] static mut` to get a `'static` lifetime, but for now, we should at least test the behavior that `rustc` currently has.
Re-triaging for #56754. Based on #29594 (comment) I am tagging this as P-medium. |
Fixing this issue is easy now, but it will be super hard to do with a future incompat lint, because the real change is happening elsewhere. The fix is to change https://github.com/rust-lang/rust/blob/a916ac22b9f7f1f0f7aba0a41a789b3ecd765018/src/librustc/ty/util.rs#L666.L667 to if self.is_mutable_static(def_id) {
self.mk_mut_ref(self.lifetimes.re_erased, static_ty) Because then borrowck will pick it up correctly and detect the thread local annotation and not give it the static lifetime |
@oli-obk, is a future incompat lint necessary if this feature is still unstable? It doesn't sound like that change would affect stable users. |
I agree a lint is probably not needed. I'm not sure whether I think @oli-obk's suggested patch is correct (like, I literally haven't looked into it -- it probably is). |
While attempting to fix #70685 (see #71192 for the changes) I got all of our tests to pass, except for https://github.com/rust-lang/rust/blob/master/src/test/ui/nll/borrowck-thread-local-static-mut-borrow-outlives-fn.rs which references this issue. I have reinstated the current behaviour, but the site of the required change that I suggested above has changed. It's now in the |
Curiously, doing the same thing with a non- |
Isn't that a problem with unsafety checking? You said elsewhere that this crucially is a raw pointer to ensure that accesses are unsafe. |
We do unsafety checking properly nowadays: rust/compiler/rustc_mir/src/transform/check_unsafety.rs Lines 207 to 216 in c9c57fa
So the raw pointer checks aren't actually necessary, even though they are a good safety net for our use of |
"properly" for some notion of "properly". ;) Relying on |
Will this be solved in edition 2024 by the changes to static mut being done? Or will this still be an issue? |
What is the bug here? Why is borrowing a Is the problem that |
The borrow checker clearly tries to account for the fact that thread_local statics don't have |
So the annoying thing is that the thread local rvalue needs to return Or does static mut X: (u32, u32) = (0, 0);
fn a() {
&mut X.1;
} translating to
actually does not annoy MIRI too much Therefore, there is a semantic reason for static muts being a dereference of a raw pointer, which means no lifetime checking. Other way of describing this: static mut X: Foo = ...;
X is the same as static X: RacyUnsafeCell<Foo> = ...;
X.get() and since the latter allows getting |
Again, we already must have special code for immutable thread-local statics handling this. The exact same logic should "just" also be applied to mutable thread-local statics. Or is there some reason that does not work? |
All kinds of statics and thread locals work by _0: Pointer<T> = addr_of_static()
use(_0) For non- So you basically end up with the |
The thing I like about |
Spinning off from #51269:
The MIR borrow checker (i.e., NLL) permits
#[thread_local] static mut
to have'static
lifetime. This is probably a bug. It arises because we ignore borrows of "unsafe places", which includesstatic mut
.We probably ought to stop doing that — at least not ignoring them entirely — but if we do so, we have to ensure that we continue to accept overlapping borrows of
static mut
(even though that is basically guaranteed UB), since it compiles today:The text was updated successfully, but these errors were encountered: